Ian Macabulos
Full-Stack Developer
Full-Stack Developer
Search for a command to run...
This platform modernizes student tracking by replacing traditional paper logs with a zero-trust digital architecture. Designed as a freelance solution for the university, it eliminates proxy attendance fraud by utilizing strict browser geolocation APIs, time-sensitive session pins, and ECDSA cryptographic signatures. The system features isolated workflows for administrators, faculty members, and students using a strict Role-Based Access Control (RBAC) model.
Explore the live production application or review the strict cryptographic access control protocols on GitHub.
The system calculates the exact physical distance between the student device and the laboratory coordinates using Geolib. It automatically blocks attendance attempts if the user is outside the strictly permitted radius.
Teachers generate unique, time-expiring PIN codes for each class session. This forces students to be physically present in the room to view the projector and acquire the code before it expires.
Features highly isolated interfaces. Administrators manage device registrations and global schedules, teachers monitor live attendance, and students interact exclusively with the secure check-in portal.
The primary difficulty was eliminating proxy attendance entirely. Students frequently shared passcodes via messaging applications. The system required a method to mathematically prove the student was physically inside the designated laboratory room, during the exact start time of the class, using an authorized device.
Because this platform handles official university records, strict data validation and rapid execution speeds were central to the architecture. The application is built upon a foundation of mathematical proof rather than simple conditional logic.
Integrated the Elliptic Curve Digital Signature Algorithm (ECDSA) to cryptographically sign every attendance submission. This mathematical proof guarantees that network payloads cannot be spoofed, reused, or intercepted in transit.
Constructed a deeply relational Prisma schema hosted on a secure Aiven MySQL instance. Compound unique constraints guarantee that a single student can never log multiple attendance records for the same laboratory schedule.
All administrative and teacher credentials are mathematically salted and hashed using bcrypt prior to database insertion. This mitigates unauthorized system access and protects institutional data from brute-force vulnerabilities.
Developing this laboratory system as a freelance solution reinforced the importance of building zero-trust architectures in educational environments. Successfully combining modern web APIs like Geolocation with robust backend cryptographic validation resulted in a highly reliable institutional tool that solves a persistent administrative problem.